Keyboard Interrupt

Saturday, February 16, 2013

These instructions work on Ubuntu Linux. They should be trivial to adapt to other Linux distributions:

Acquire a hybrid Debian installation disk image. A hybrid image can be used both to run Debian off the installation medium and to install it on the machine. Download it and save it on your machine. See this page for info on accessing Debian ISOs: http://www.debian.org/CD/

Insert your USB stick into the machine. Ensure that you back up all data on it, since it will be overwritten.

Execute the following command in the terminal:

$ sudo fdisk -l

Note the device file for the USB stick. If you cannot understand the output, run the above command both before and after inserting the USB stick and note the device that newly appears in the output. On my system it is

/dev/sdb1

Execute the following command:

$ cat /path/to/debian-iso.iso > /dev/sXY

I had to execute $ su first in order to carry out the command as the root. Remember to do $ exit immediately after the command terminates. Replace /path/to/debian-iso.iso above with the actual path to the ISO you downloaded. My /dev/sXY was /dev/sdb.
Once you are done, you can restart your machine and set it to boot from the USB stick.

If you hold sensitive data on your laptop, work or home computer, you may need to implement some sort of disk encryption to keep it secure. This may come in handy when you lose your laptop, or if some attacker makes away with your hard drive (a case of data theft, or some government agency...).

I'll attempt to give a high-level description of disk encryption.

The whole disk is divided into equal sized blocks. A random character string called a key is generated by the system, and is passed to an encryption function, together with the contents of each block of the disk, and the output is stored on the disk. This data therefore looks like some random gibberish without meaning.

Any person who accesses this storage device cannot derive the unconcealed form of the data.

When the block data needs to be decrypted, the stored data is passed to a decryption function, together with the key that was used in the encryption process, to derive the unconcealed version. The security of the encrypted data therefore depends on the secrecy of the key.

One way of protecting the key is to store it on an external storage device, such as a flash-drive, and this is inserted into the system whenever the owner wants to boot up the computer. Another technique is to store it on an unencrypted part of the hard drive, and protect it with a passphrase, which the owner enters at boot time to retrieve the key. In UNIX-like systems, this may be in the /boot partition.

In the latter case, the owner needs to select a strong passphrase.

Once the key is available to the system, any data that is loaded into memory is decrypted on the fly, and any data being written to the disk is similarly encrypted. Thus, if the attacker gains access to the system while it is on, disk encryption may not help.

That is, hopefully, an understandable high-level description of disk encryption. In reality, the actual implementation is more complex. See the document here for details.

If you understand disk encryption deeply, feel free to correct any errors or clarify any ambiguities in the blog comments.

Communication Bandwidth - The maximum amount of data that can be transmitted in a unit of time.

Communication Latency - The amount of time from when a piece of data is sent, to when it is received by the target.

Message Passing - A model of interaction among processors in a multiprocessor system. A message is composed by instructions on one processor and sent to another processor through the interconnecting bus(es).

Shared Memory - A model of interaction where the separate processors can read and write on the same memory space, and therefore access each other's data values. It could be physical, where only one memory is available to all the processors, or logical, in the case where each processor has its own memory, and a request to access a non-local memory address is converted to some form of inter-processor communication.

Aggregate Function - A model of interaction where a group of processors act together. An example is barrier synchronization, where each processor outputs a data value on reaching a barrier (a particular point in the computation process) and the communication hardware returns a value to each processor that is a function of all the values received from the processors.

SMP (Symmetric Multiprocessors) - A multiprocessor system with two or more identical processors and a single shared memory, under control of a single OS. It can be thought of as MIMD with shared memory.

Processor Affinity - The OS scheduler keeps a process on the same processor in a multiprocessor system to take advantage of locally cached data.

Shared Everything - All data structures are in shared memory.

Shared Something - Only a subset of the data structures (the ones that need to be shared) are in shared memory.

Atomicity - The concept of an uninterruptible and indivisible operation (sequence of instructions) on a data object.

Cache Coherence - Maintaining identical caches of shared memory. A change in one cache should be propagated to the other caches.

Mutual Exclusion - At most one processor or process is updating a given shared object at a given time.

Gang Scheduling - Only related processes or threads are running simultaneously in a multiprocessor system at a given instant. This could be processes of one program, or a situation where the input of one process depends on the output of another running at the same time.

Sunday, December 9, 2012

As a follow-up to my previous post, where I demonstrated how to create pointers to functions in C, in this post we'll look at how to implement simple object-oriented programming in C.

The basic idea in object-oriented programming is encapsulating data and operations on the data into a single structure. Since we can create pointers to functions, we can therefore create structures that contain both data variables and functions that manipulate these data variables. We shall also see a basic form of inheritance.

In the following example, we'll create a base Animal class, and from it derive a Human class and Duck class. Take the terms class, method and attribute as used below with a pinch of salt. Object-oriented programming is implemented in different ways in the major programming languages in use.

The prototype is initialized with the Human init, sound and move functions.

The invocation of the NEW macro

NEW(Human, "Homo sapien");

is transformed to:

Animal_new(HumanProto, sizeof(Human), "Homo sapien");

The Animal_new function is called with HumanProto which carries with it the overriding functions. However, the size passed to it is that of type Human which is bigger than that of HumanProto (type Animal).

When execution gets to the statement

Animal *animal = calloc(1, size);

in the Animal_new function, the calloc function returns a pointer to a memory space of the size of type Human.

*animal = proto;

copies the contents of the prototype of HumanProto to the allocated memory space. Since the size of allocated space is larger than the size of the prototype, a space that exactly fits the attribute species (a pointer) of the Human class remains.

The statement:

animal->init(animal, "Homo sapien");

then initializes the Human object's species attribute with the string "Homo sapien".
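The walkthrough above, put together as an added example (this is not the post's original listing). Only the Human class is shown; the struct layouts, the return types and the strings returned by sound and move are assumptions, and the size and NULL checks in Animal_new are additions that keep the `*animal = proto;` copy inside the allocated block.

```c
#include <stdio.h>
#include <stdlib.h>

typedef struct Animal Animal;
struct Animal {                          /* base "class": the method table */
    int (*init)(Animal *self, const char *arg);
    const char *(*sound)(Animal *self);
    const char *(*move)(Animal *self);
};

typedef struct {                         /* derived "class" */
    Animal proto;                        /* must come first: a Human* is also an Animal* */
    const char *species;                 /* extra attribute, stored after the prototype */
} Human;

static int Human_init(Animal *self, const char *species) {
    /* Stores the pointer, not a copy: the caller's string must outlive the object. */
    ((Human *)self)->species = species;
    return 0;
}
static const char *Human_sound(Animal *self) { (void)self; return "Hello!"; }
static const char *Human_move(Animal *self) { (void)self; return "walks"; }

static const Animal HumanProto = { Human_init, Human_sound, Human_move };

static Animal *Animal_new(Animal proto, size_t size, const char *arg) {
    if (size < sizeof(Animal) || proto.init == NULL)
        return NULL;                     /* too small: *animal = proto would overflow */
    Animal *animal = calloc(1, size);    /* zeroed block of the derived type's size */
    if (animal == NULL)
        return NULL;
    *animal = proto;                     /* copy the overriding functions in */
    if (animal->init(animal, arg) != 0) {
        free(animal);
        return NULL;
    }
    return animal;
}

#define NEW(T, N) Animal_new(T##Proto, sizeof(T), N)

int main(void) {
    Human *h = (Human *)NEW(Human, "Homo sapien");
    if (h == NULL)
        return 1;
    Animal *a = &h->proto;
    printf("%s says %s and %s\n", h->species, a->sound(a), a->move(a));
    free(h);
    return 0;
}
```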

Sunday, November 25, 2012

If you have used a programming language that has first-class functions, that is, supports assigning functions to variables and passing them to other functions, like Python or JavaScript, you may wonder why such flexibility does not exist in C.

It is actually possible, and easy, to implement this in C. In this post, we shall go through the process of creating pointers to functions.

The first thing to do is to note the signature of the function whose pointer we want to create, i.e. the function's arguments and return type. In this example, we want to create a pointer to a function that accepts two integers and returns an integer.

int fptr(int x, int y);

The construct begins like a declaration of the actual function. The next step is to wrap the function name with a pointer syntax.

int (*fptr)(int x, int y);

At this point, fptr can act like a pointer to a function, and will accept a function assigned to it. We probably want to create a type so that we can create several pointers to functions. We therefore prepend typedef to the declaration.

typedef int (*fptr)(int x, int y);

fptr will now act like a type for pointers to functions that accept two integers and return an integer. Declaring a pointer to such a function is now a straightforward affair.

fptr f1, f2;

The following program listing demonstrates how pointers to two different functions with the same function signature can be created, and how they are invoked within a program.
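An added example of the fptr type in use (not the post's original listing). The functions multiply and subtract, the ops table and the lookup and apply helpers are hypothetical names; the example goes slightly beyond the text by selecting the function at run time and refusing to call through a NULL pointer.

```c
#include <stdio.h>
#include <stddef.h>

/* Type for pointers to functions that accept two ints and return an int. */
typedef int (*fptr)(int x, int y);

static int multiply(int x, int y) { return x * y; }
static int subtract(int x, int y) { return x - y; }

/* A small dispatch table: the function to run is chosen by a symbol. */
struct op { char symbol; fptr fn; };
static const struct op ops[] = { { '*', multiply }, { '-', subtract } };

/* Returns the function registered for symbol, or NULL if there is none. */
static fptr lookup(char symbol) {
    for (size_t i = 0; i < sizeof ops / sizeof ops[0]; i++)
        if (ops[i].symbol == symbol)
            return ops[i].fn;
    return NULL;
}

/* Calls through the pointer only after checking it: calling a NULL
   function pointer is undefined behaviour. Returns 0 on success. */
static int apply(char symbol, int x, int y, int *out) {
    fptr f = lookup(symbol);
    if (f == NULL || out == NULL)
        return -1;
    *out = f(x, y);
    return 0;
}

int main(void) {
    fptr f1, f2;                 /* two pointers of the same type */
    int result;

    f1 = multiply;               /* a function name decays to its address */
    f2 = subtract;
    printf("f1(7, 3) = %d\n", f1(7, 3));
    printf("f2(7, 3) = %d\n", f2(7, 3));

    if (apply('-', 7, 3, &result) == 0)
        printf("7 - 3 = %d\n", result);
    if (apply('/', 7, 3, &result) != 0)
        printf("no function registered for '/'\n");
    return 0;
}
```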

There are two types of memory available to a program running in a computer, the stack memory and heap memory. The operating system allocates a fixed amount of stack memory to a running program, and the heap is extra memory that may be utilized by the program if required. This is especially important to know when using a low-level language like C.

The stack is a Last In First Out (LIFO) data structure. Items can only be inserted and removed from one end. The insert action is a push, and the remove action is a pop. To access an item, all other items on top of it have to be popped from the stack.

The program above calls a function add to find the sum of two integers. The variables in the main function, that is x and y, are pushed onto the stack. When the add function is called, the address of the instruction after the function call is pushed onto the stack, and the execution jumps to the first instruction in add. Variables local to the add function, a and b are also pushed onto the stack.

When the function exits, all variables local to it are popped from the stack, and are replaced by its return value, which is then assigned to the variable sum. The execution is able to continue from where it left off in the main function, since the address of the instruction to execute, which had been pushed onto the stack earlier, is popped off and execution continues from this address. Here, we've only discussed a high-level description of what happens; the actual mechanics involved will be illustrated in a later post.

Since the stack allocated to the program is of a fixed size, there is a limit to the size of variables, and the number of nested function calls that can occur in a program. When the stack becomes full, a condition known as stack overflow occurs and the program crashes. This may happen if one allocates a very large array, or implements a function that recursively calls itself too many times (deep recursion). The case for deep recursion is illustrated by the following C program.

By experimenting with the constant MAX, one can control the number of times that the function recurse calls itself.

When there's a need to create a large variable, memory from the heap can be used. Stack memory management is automatically handled by the operating system, but memory from the heap has to be manually allocated and freed by the programmer. In C, the functions malloc and free from header file stdlib.h are used for this, as the following snippet demonstrates.

The programmer, however, has to be careful to free all memory manually allocated from the heap to make it available to other programs. Otherwise a memory leak occurs, where available memory in the computer decreases to an insufficient level.

The deep recursion problem can be solved by devising an iterative program, i.e. using a loop construct, instead of calling a function recursively, for some repeated computation. The technique, known as recursion removal, will be discussed in a later post.
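An added example covering the three points above (not the post's original listings): a function recurse whose depth is set by MAX, the same computation with the recursion removed, and a large array taken from the heap with malloc and released with free. The function bodies, the value of MAX and the names iterate and sum_heap_array are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

#define MAX 10000UL   /* recursion depth; raise it far enough and the stack overflows */

/* Sum of 1..n, recursively. Each call pushes a new frame, so stack use
   grows with n (when the compiler does not optimize the recursion away). */
static unsigned long long recurse(unsigned long n) {
    if (n == 0)
        return 0;
    return n + recurse(n - 1);
}

/* The same sum with the recursion removed: one frame, whatever n is. */
static unsigned long long iterate(unsigned long n) {
    unsigned long long total = 0;
    for (unsigned long i = 1; i <= n; i++)
        total += i;
    return total;
}

/* A large array goes on the heap. Returns 0 on success, -1 on failure. */
static int sum_heap_array(size_t count, unsigned long long *out) {
    if (out == NULL || count == 0 || count > SIZE_MAX / sizeof(unsigned long long))
        return -1;                       /* count * element size would overflow */
    unsigned long long *buf = malloc(count * sizeof *buf);
    if (buf == NULL)
        return -1;                       /* malloc can fail: check before use */
    unsigned long long total = 0;
    for (size_t i = 0; i < count; i++) {
        buf[i] = i + 1;
        total += buf[i];
    }
    free(buf);                           /* no free here would be a memory leak */
    *out = total;
    return 0;
}

int main(void) {
    unsigned long long heap_total;
    printf("recurse(%lu) = %llu\n", MAX, recurse(MAX));
    printf("iterate(%lu) = %llu\n", MAX * 1000, iterate(MAX * 1000));
    if (sum_heap_array(1000000, &heap_total) == 0)
        printf("heap array total = %llu\n", heap_total);
    return 0;
}
```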